﻿using System;
using System.Collections.Generic;

using System.Web;
using SeaBlueU5.Model.Standard;
using System.Data;

namespace SeaBlueU5.Web.Login
{
    public class ValidateUser :IHttpModule
    {
        #region IHttpModule 成员

        public void Dispose()
        {
            
        }

        public void Init(HttpApplication context)
        {
            context.AcquireRequestState += new EventHandler(context_AcquireRequestState);
        }

        void context_AcquireRequestState(object sender, EventArgs e)
        {

            HttpApplication app = (HttpApplication)sender;
            string url = app.Context.Request.Url.ToString().ToLower();
            if (!url.Contains("/login.aspx") && url.Contains("/standard"))
            {
                User user = getUser();
                if (user == null)
                {
                    app.Context.Response.Redirect("/Standard/Login.aspx?url=" + url);
                }
                else
                {
                    if (!url.Contains("/default.aspx") && user.UName != "wangtao")
                    {
                        //权限控制
                        bool v = false;
                        DataTable menu = getMenu();
                        if (menu != null)
                        {
                            for (int i = 0; i < menu.Rows.Count; i++)
                            {
                                if (menu.Rows[i]["FUrl"].ToString().ToLower().Contains(app.Context.Request.Url.AbsolutePath.ToLower()))
                                {
                                    v = true;
                                    break;
                                }
                            }
                        }
                        if (!v)
                        {
                            app.Context.Response.Write("该角色没有权限！");
                            app.Context.Response.End();
                        }
                    }
                }
            }
        }

        public static User getUser()
        {
            User user = HttpContext.Current.Session["user"] as User;
            if (user == null)
            {
                if (HttpContext.Current.Request.Cookies["username"] != null)
                {
                    string username = HttpContext.Current.Request.Cookies["username"].Value;
                    user = new SeaBlueU5.BLL.User().GetModel(username);
                }
            }
            return user;
        }

        public static DataTable getMenu()
        {
            DataTable dt_fun = HttpContext.Current.Session["menu"] as DataTable;
            if (dt_fun == null)
            {
                User user = getUser();
                if (user != null)
                {
                    string sql = "select * from ys_Function a inner join ys_RoleFunction b on b.FId=a.FId where a.isshow=1 and b.RId=" + user.RId;
                    dt_fun = Maticsoft.DBUtility.DbHelperSQL.Query(sql).Tables[0];
                    HttpContext.Current.Session["menu"] = dt_fun;
                }
            }
            return dt_fun;
        }
        #endregion
    }
}